Fix some bugs + added (coded delAli)

Fix some bugs + added (coded delAli)
This commit is contained in:
novgorodschi catalin
2026-05-25 12:37:33 +03:00
parent a4e2c506a8
commit 8c3ab3e5eb
14 changed files with 532 additions and 425 deletions
+72 -34
View File
@@ -1,53 +1,91 @@
<?php
#################################################################################
## editAli.php - Backend pentru editAli.tpl ##
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Filename editAli.php ##
## Type BACKEND ##
## Developed by: Shadow (după model editUser) ##
## License: TravianZ Project ##
## Copyright: TravianZ (c) 2010-2025. All rights reserved. ##
#################################################################################
if (!isset($_SESSION)) {
session_start();
}
if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
die("Access Denied: You are not Admin!");
}
include_once("../../config.php");
include_once("../../Session.php");
include_once("../../Database.php");
$session = new Session();
$database = new Database();
// ---------------------------------------------------------------------------
// Autoloader path - la fel ca în editUser.php
// ---------------------------------------------------------------------------
$autoprefix = '';
for ($i = 0; $i < 5; $i++) {
$autoprefix = str_repeat('../', $i);
if (file_exists($autoprefix . 'autoloader.php')) {
break;
}
}
include_once($autoprefix . "GameEngine/Database.php");
// doar admini
if(!$session->isAdmin()){
header("Location: ../../../Admin/admin.php");
// ---------------------------------------------------------------------------
// Input
// ---------------------------------------------------------------------------
$admid = (int)($_POST['admid'] ?? 0);
$aid = (int)($_POST['aid'] ?? 0);
if ($aid <= 0 || $admid <= 0) {
header("Location: ../../../Admin/admin.php?p=alliance&aid=$aid&e=bad");
exit;
}
$aid = (int)($_POST['aid'] ?? 0);
$admid = (int)($_POST['admid'] ?? 0);
// verificare sesiune
if($admid != $session->uid || $aid <= 0){
die("Access denied");
// ---------------------------------------------------------------------------
// Verificare admin - la fel ca editUser
// ---------------------------------------------------------------------------
$admin = $database->getUserArray($admid, 1);
if (!$admin || (int)$admin['access'] !== 9) {
die('<h1><font color="red">Access Denied: You are not Admin!</font></h1>');
}
$tag = $database->escape(substr(trim($_POST['tag']), 0, 8));
$name = $database->escape(substr(trim($_POST['name']), 0, 25));
$leader = (int)$_POST['leader'];
$max = (int)$_POST['max'];
if($max < 3) $max = 3;
if($max > 60) $max = 60;
// ---------------------------------------------------------------------------
// Câmpuri
// ---------------------------------------------------------------------------
$tag = $database->escape(substr(trim($_POST['tag'] ?? ''), 0, 8));
$name = $database->escape(substr(trim($_POST['name'] ?? ''), 0, 25));
$leader = (int)($_POST['leader'] ?? 0);
$max = (int)($_POST['max'] ?? 0);
$max = max(3, min(60, $max));
$notice = $database->escape($_POST['notice'] ?? '');
$desc = $database->escape($_POST['desc'] ?? '');
$notice = $database->escape($_POST['notice']);
$desc = $database->escape($_POST['desc']);
// ---------------------------------------------------------------------------
// Update
// ---------------------------------------------------------------------------
$database->query(
"UPDATE " . TB_PREFIX . "alidata SET
tag = '$tag',
name = '$name',
leader = $leader,
`max` = $max,
notice = '$notice',
`desc` = '$desc'
WHERE id = $aid"
);
// update alidata
$database->query("UPDATE ".TB_PREFIX."alidata SET
tag = '$tag',
name = '$name',
leader = $leader,
`max` = $max,
notice = '$notice',
`desc` = '$desc'
WHERE id = $aid");
// ---------------------------------------------------------------------------
// Log admin - aceeași structură ca editUser
// ---------------------------------------------------------------------------
$time = time();
$logText = "Edited alliance <a href='admin.php?p=alliance&aid=$aid'>$tag</a>";
$logEsc = $database->escape($logText);
// log admin
$database->query("INSERT INTO ".TB_PREFIX."admin_log (uid, action, time) VALUES ($admid, 'Edited alliance $aid ($tag)', ".time().")");
$database->query(
"INSERT INTO " . TB_PREFIX . "admin_log (`id`, `user`, `log`, `time`) " .
"VALUES (0, '$admid', '$logEsc', $time)"
);
// redirect inapoi
header("Location: ../../../Admin/admin.php?p=alliance&aid=$aid&edited=1");
exit;
?>